Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » FreeBSD SN-03:01: samba multiple vulnerabilities

FreeBSD SN-03:01: samba multiple vulnerabilities

by Nikola Strahija on April 9th, 2003 Several vulnerabilities have been found in Samba which, if exploited, could allow remote attackers to execute arbitrary code with root privileges and gain root access.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================================
FreeBSD-SN-03:01 Security Notice
The FreeBSD Project

Topic: security issue in samba ports
Announced: 2003-04-07

I. Introduction

Several ports in the FreeBSD Ports Collection are affected by security
issues. These are listed below with references and affected versions.
All versions given refer to the FreeBSD port/package version numbers.
The listed vulnerabilities are not specific to FreeBSD unless
otherwise noted.

These ports are not installed by default, nor are they ``part of
FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of
third-party applications in a ready-to-install format. FreeBSD makes
no claim about the security of these third-party applications. See
http://www.freebsd.org/ports/ for more information about the
FreeBSD Ports Collection.

II. Ports

+------------------------------------------------------------------------+
Port name: net/samba
Affected: versions < samba-2.2.8_2, samba-2.2.8a
Status: Fixed

Two vulnerabilities recently:

(1) Sebastian Krahmer of the SuSE Security Team identified
vulnerabilities that could lead to arbitrary code execution as root,
as well as a race condition that could allow overwriting of system
files. (This vulnerability was previously fixed in Samba 2.2.8.)

(2) Digital Defense, Inc. reports: ``This vulnerability, if exploited
correctly, leads to an anonymous user gaining root access on a Samba
serving system. All versions of Samba up to and including Samba 2.2.8
are vulnerable. Alpha versions of Samba 3.0 and above are *NOT*
vulnerable.''

http://us1.samba.org/samba/whatsnew/samba-2.2.8.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201
+------------------------------------------------------------------------+
Port name: net/samba-tng
Affected: all versions
Status: Not fixed

Some or all of the vulnerabilities affecting Samba may also affect
Samba-TNG. No confirmation or official patches are available at the
time of this security notice.
+------------------------------------------------------------------------+

III. Upgrading Ports/Packages

To upgrade a fixed port/package, perform one of the following:

1) Upgrade your Ports Collection and rebuild and reinstall the port.
Several tools are available in the Ports Collection to make this
easier. See:
/usr/ports/devel/portcheckout
/usr/ports/misc/porteasy
/usr/ports/sysutils/portupgrade

2) Deinstall the old package and install a new package obtained from

[FreeBSD 4.x, i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/

[FreeBSD 5.x, i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/All/

Packages are not automatically generated for other architectures at
this time.

Note that new, official packages may not be available on all mirrors
immediately. In the interim, Security Officer-generated packages (and
detached digital signatures) are available for the i386 architecture
at:

[FreeBSD 4.x, i386]
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-4-stable/samba-2.2.8_2.tgz
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-4-stable/samba-2.2.8_2.tgz.asc

[FreeBSD 5.x]
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-5-current/samba-2.2.8_2.tbz
ftp://ftp2.FreeBSD.org/pub/FreeBSD/security-officer/ports/i386/packages-5-current/samba-2.2.8_2.tbz.asc


+------------------------------------------------------------------------+
FreeBSD Security Notices are communications from the Security Officer
intended to inform the user community about potential security issues,
such as bugs in the third-party applications found in the Ports
Collection, which will not be addressed in a FreeBSD Security
Advisory.

Feedback on Security Notices is welcome at .
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+kX+vFdaIBMps37IRAtkmAJ4ruhx4WQLeSPSPgfmzrVW4uYvVJACfRxem
4q3eO8IxTujzRR2QwH4eyK4=
=/4KW
-----END PGP SIGNATURE-----


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »